[CentOS] OpenVPN TAP interface problem.

Rafał Radecki

radecki.rafal at gmail.com
Tue Aug 21 14:27:40 UTC 2012


Hi all.

I have an OpenVPN server:
2.2.1-1 x86_64

Server config:
port 11223
dev tap
proto udp
tls-server
ca keys/ca.crt
cert keys/server.crt
key keys/server.key
dh keys/dh1024.pem
server 1.2.3.3 255.255.255.0
push "route 192.168.0.0 255.255.255.0 1.2.3.4"
keepalive 10 60
client-to-client
duplicate-cn
inactive 600
log /var/log/openvpn.log
syslog
status /var/log/openvpn-status.log
user openvpn
group openvpn
persist-tun
persist-key
verb 4
comp-lzo

Server interface:
11: tap0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state
UNKNOWN qlen 100
    link/ether 56:73:e7:c9:c8:e5 brd ff:ff:ff:ff:ff:ff
    inet 1.2.3.4/24 brd 1.2.3.255 scope global tap0

Client:
2.2.1-8ubuntu1
x86_64

Client config:
remote 1.2.3.3 port 11223
dev tap
proto udp
resolv-retry infinite
#nobind
persist-key
persist-tun
tls-client
ca /etc/openvpn/keys/ca.crt
cert /etc/openvpn/keys/client.crt
key /etc/openvpn/keys/client.key
ns-cert-type server
comp-lzo
verb 4
log /var/log/openvpn.log
#syslog
status /var/log/openvpn-status.log

After successful start of openvpn service (Tue Aug 21 16:12:24 2012
us=644993 Initialization Sequence Completed in logfile) I have:
Client interface:
9: tap0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN qlen 100
    link/ether 4a:3d:52:dc:51:c3 brd ff:ff:ff:ff:ff:ff

When I start the tunnel I am not able to ping 1.2.3.4 IP on server, the TAP
interface is also in DOWN state. I have no firewall configured. My client
log file is attached.
Should I have an IP addres on my TAP interface?

Thanks for the help ;)

Best regards,
Rafal.



More information about the CentOS mailing list